- Dahua CCTV flaws identified by Bitdefender affect over 100 popular security camera models
- Vulnerabilities allow remote code execution without authentication over local or internet connections
- Company urges firmware updates and network isolation to prevent exploitation

Researchers at Bitdefender have announced two critical vulnerabilities affecting a large number of Dahua smart cameras.
The flaws, which were patched in the most recent firmware update, could allow unauthenticated attackers to take full control of affected devices.
Dahua has confirmed that a total of 126 models were affected, including multiple IPC, SD, and DH series devices, not just the Hero C1 model first reported.
Patch now
The first of the vulnerabilities, CVE-2025-31700, is a buffer overflow flaw in Dahua camera firmware that can be triggered when the device processes specially crafted network packets. If exploited, it could cause the camera to crash or, in some cases, allow a remote attacker to run their own code on the device.
The second, CVE-2025-31701, is another buffer overflow issue also exploitable through maliciously crafted packets sent over the network. It too can be used to crash the camera or potentially gain full remote control depending on the target’s defenses.
Both can be exploited to run arbitrary code with root privileges.
Bitdefender privately reported the issues to Dahua on March 28, 2025. The Chinese video surveillance equipment manufacturer acknowledged the report the next day and validated the findings by April 1.
It requested some time to prepare a fix for the issues, with patches finally rolling out last month, followed by the agreed public disclosure.
The two vulnerabilities can be especially dangerous for devices accessible from the internet via port forwarding or UPnP, as no authentication is required for possible exploitation.
Bitdefender warns that successful attacks could bypass firmware integrity checks and deploy persistent malicious code, making cleanup difficult.
Dahua, the world’s second-largest CCTV manufacturer behind Hikvision, has faced scrutiny in several countries over cybersecurity issues and data privacy concerns, particularly related to potential vulnerabilities in its network-connected devices.
It maintains a Product Security Incident Response Team (PSIRT) to coordinate with researchers on reported flaws, as it did with these vulnerability disclosures.
It is urging all customers who have not yet done so to update their camera firmware as a matter of urgency.
For anyone unable to do so immediately, it advises disconnecting vulnerable devices from direct internet access, disabling UPnP, and isolating cameras on separate networks to reduce risk.
A detailed list of affected models is included in Dahua’s online advisory, along with links to patched firmware.
Both Dahua and Bitdefender stress that unpatched internet-connected devices should be considered prime targets.